Merge pull request #26 from gitlost/issue_22

danielbachhuber · web-flow · commit 924e78408384 · 2017-06-14T07:49:39.000+02:00
Cater for symbolic links. Add canonicalize_path and use in check_target_directory.
diff --git a/features/scaffold-plugin-tests.feature b/features/scaffold-plugin-tests.feature
@@ -140,15 +140,60 @@ Feature: Scaffold plugin unit tests
 
   Scenario: Scaffold plugin tests with invalid slug
     Given a WP install
+    Then the {RUN_DIR}/wp-content/plugins/hello.php file should exist
+
+    When I try `wp scaffold plugin-tests hello`
+    Then STDERR should be:
+      """
+      Error: Invalid plugin slug specified. No such target directory '{RUN_DIR}/wp-content/plugins/hello'.
+      """
 
     When I try `wp scaffold plugin-tests .`
-    Then STDERR should contain:
+    Then STDERR should be:
       """
-      Error: Invalid plugin slug specified.
+      Error: Invalid plugin slug specified. The slug cannot be '.' or '..'.
       """
 
     When I try `wp scaffold plugin-tests ../`
-    Then STDERR should contain:
+    Then STDERR should be:
+      """
+      Error: Invalid plugin slug specified. The target directory '{RUN_DIR}/wp-content/plugins/../' is not in '{RUN_DIR}/wp-content/plugins'.
+      """
+
+  Scenario: Scaffold plugin tests with invalid directory
+    Given a WP install
+    And I run `wp scaffold plugin hello-world --skip-tests`
+
+    When I run `wp plugin path hello-world --dir`
+    Then save STDOUT as {PLUGIN_DIR}
+
+    When I try `wp scaffold plugin-tests hello-world --dir=non-existent-dir`
+    Then STDERR should be:
+      """
+      Error: Invalid plugin directory specified. No such directory 'non-existent-dir'.
+      """
+
+    When I run `rm -rf {PLUGIN_DIR} && touch {PLUGIN_DIR}`
+    Then the return code should be 0
+    When I try `wp scaffold plugin-tests hello-world`
+    Then STDERR should be:
+      """
+      Error: Invalid plugin slug specified. No such target directory '{PLUGIN_DIR}'.
+      """
+
+  Scenario: Scaffold plugin tests with a symbolic link
+    Given a WP install
+    And I run `wp scaffold plugin hello-world --skip-tests`
+
+    When I run `wp plugin path hello-world --dir`
+    Then save STDOUT as {PLUGIN_DIR}
+
+    When I run `mv {PLUGIN_DIR} {RUN_DIR} && ln -s {RUN_DIR}/hello-world {PLUGIN_DIR}`
+    Then the return code should be 0
+
+    When I run `wp scaffold plugin-tests hello-world`
+    Then STDOUT should not be empty
+    And the {PLUGIN_DIR}/tests directory should contain:
       """
-      Error: Invalid plugin slug specified.
+      bootstrap.php
       """
diff --git a/features/scaffold-theme-tests.feature b/features/scaffold-theme-tests.feature
@@ -77,7 +77,7 @@ Feature: Scaffold theme unit tests
     When I try `wp scaffold theme-tests p3child`
     Then STDERR should be:
       """
-      Error: Invalid theme slug specified.
+      Error: Invalid theme slug specified. The theme 'p3child' does not exist.
       """
 
   Scenario: Scaffold theme tests with Circle as the provider
@@ -101,14 +101,50 @@ Feature: Scaffold theme unit tests
   Scenario: Scaffold theme tests with invalid slug
 
     When I try `wp scaffold theme-tests .`
-    Then STDERR should contain:
+    Then STDERR should be:
       """
-      Error: Invalid theme slug specified.
+      Error: Invalid theme slug specified. The slug cannot be '.' or '..'.
       """
 
     When I try `wp scaffold theme-tests ../`
-    Then STDERR should contain:
+    Then STDERR should be:
+      """
+      Error: Invalid theme slug specified. The target directory '{RUN_DIR}/wp-content/themes/../' is not in '{RUN_DIR}/wp-content/themes'.
+      """
+
+  Scenario: Scaffold theme tests with invalid directory
+    When I try `wp scaffold theme-tests p2 --dir=non-existent-dir`
+    Then STDERR should be:
+      """
+      Error: Invalid theme directory specified. No such directory 'non-existent-dir'.
+      """
+
+    # Temporarily move.
+    When I run `mv -f {THEME_DIR}/p2 {THEME_DIR}/hide-p2 && touch {THEME_DIR}/p2`
+    Then the return code should be 0
+
+    When I try `wp scaffold theme-tests p2`
+    Then STDERR should be:
+      """
+      Error: Invalid theme slug specified. No such target directory '{THEME_DIR}/p2'.
       """
-      Error: Invalid theme slug specified.
+
+    # Restore.
+    When I run `rm -f {THEME_DIR}/p2 && mv -f {THEME_DIR}/hide-p2 {THEME_DIR}/p2`
+    Then the return code should be 0
+
+  Scenario: Scaffold theme tests with a symbolic link
+    # Temporarily move the whole theme dir and create a symbolic link to it.
+    When I run `mv -f {THEME_DIR} {RUN_DIR}/alt-themes && ln -s {RUN_DIR}/alt-themes {THEME_DIR}`
+    Then the return code should be 0
+
+    When I run `wp scaffold theme-tests p2`
+    Then STDOUT should not be empty
+    And the {THEME_DIR}/p2/tests directory should contain:
+      """
+      bootstrap.php
       """
 
+    # Restore.
+    When I run `unlink {THEME_DIR} && mv -f {RUN_DIR}/alt-themes {THEME_DIR}`
+    Then the return code should be 0
diff --git a/src/Scaffold_Command.php b/src/Scaffold_Command.php
@@ -239,10 +239,6 @@ public function _s( $args, $assoc_args ) {
 		$url        = "http://underscores.me";
 		$timeout    = 30;
 
-		if ( in_array( $theme_slug, array( '.', '..' ) ) ) {
-			WP_CLI::error( "Invalid theme slug specified." );
-		}
-
 		if ( ! preg_match( '/^[a-z_]\w+$/i', str_replace( '-', '_', $theme_slug ) ) ) {
 			WP_CLI::error( "Invalid theme slug specified. Theme slugs can only contain letters, numbers, underscores and hyphens, and can only start with a letter or underscore." );
 		}
@@ -255,8 +251,8 @@ public function _s( $args, $assoc_args ) {
 
 		$_s_theme_path = "$theme_path/$data[theme_name]";
 
-		if ( ! $this->check_target_directory( "theme", $_s_theme_path ) ) {
-			WP_CLI::error( "Invalid theme slug specified." );
+		if ( $error_msg = $this->check_target_directory( "theme", $_s_theme_path ) ) {
+			WP_CLI::error( "Invalid theme slug specified. {$error_msg}" );
 		}
 
 		$force = \WP_CLI\Utils\get_flag_value( $assoc_args, 'force' );
@@ -366,7 +362,7 @@ function child_theme( $args, $assoc_args ) {
 		$theme_slug = $args[0];
 
 		if ( in_array( $theme_slug, array( '.', '..' ) ) ) {
-			WP_CLI::error( "Invalid theme slug specified." );
+			WP_CLI::error( "Invalid theme slug specified. The slug cannot be '.' or '..'." );
 		}
 
 		$data = wp_parse_args( $assoc_args, array(
@@ -382,8 +378,8 @@ function child_theme( $args, $assoc_args ) {
 
 		$theme_dir = WP_CONTENT_DIR . "/themes" . "/$theme_slug";
 
-		if ( ! $this->check_target_directory( "theme", $theme_dir ) ) {
-			WP_CLI::error( "Invalid theme slug specified." );
+		if ( $error_msg = $this->check_target_directory( "theme", $theme_dir ) ) {
+			WP_CLI::error( "Invalid theme slug specified. {$error_msg}" );
 		}
 
 		$theme_style_path     = "$theme_dir/style.css";
@@ -512,7 +508,7 @@ function plugin( $args, $assoc_args ) {
 		$plugin_package = str_replace( ' ', '_', $plugin_name );
 
 		if ( in_array( $plugin_slug, array( '.', '..' ) ) ) {
-			WP_CLI::error( "Invalid plugin slug specified." );
+			WP_CLI::error( "Invalid plugin slug specified. The slug cannot be '.' or '..'." );
 		}
 
 		$data = wp_parse_args( $assoc_args, array(
@@ -537,8 +533,8 @@ function plugin( $args, $assoc_args ) {
 			$plugin_dir = WP_PLUGIN_DIR . "/$plugin_slug";
 			$this->maybe_create_plugins_dir();
 
-			if ( ! $this->check_target_directory( "plugin", $plugin_dir ) ) {
-				WP_CLI::error( "Invalid plugin slug specified." );
+			if ( $error_msg = $this->check_target_directory( "plugin", $plugin_dir ) ) {
+				WP_CLI::error( "Invalid plugin slug specified. {$error_msg}" );
 			}
 		}
 
@@ -684,30 +680,30 @@ private function scaffold_plugin_theme_tests( $args, $assoc_args, $type ) {
 		if ( ! empty( $args[0] ) ) {
 			$slug = $args[0];
 			if ( in_array( $slug, array( '.', '..' ) ) ) {
-				WP_CLI::error( "Invalid {$type} slug specified." );
+				WP_CLI::error( "Invalid {$type} slug specified. The slug cannot be '.' or '..'." );
 			}
 			if ( 'theme' === $type ) {
 				$theme = wp_get_theme( $slug );
 				if ( $theme->exists() ) {
 					$target_dir = $theme->get_stylesheet_directory();
 				} else {
-					WP_CLI::error( "Invalid {$type} slug specified." );
+					WP_CLI::error( "Invalid {$type} slug specified. The theme '{$slug}' does not exist." );
 				}
 			} else {
 				$target_dir = WP_PLUGIN_DIR . "/$slug";
 			}
 			if ( empty( $assoc_args['dir'] ) && ! is_dir( $target_dir ) ) {
-				WP_CLI::error( "Invalid {$type} slug specified." );
+				WP_CLI::error( "Invalid {$type} slug specified. No such target directory '{$target_dir}'." );
 			}
-			if ( ! $this->check_target_directory( $type, $target_dir ) ) {
-				WP_CLI::error( "Invalid {$type} slug specified." );
+			if ( $error_msg = $this->check_target_directory( $type, $target_dir ) ) {
+				WP_CLI::error( "Invalid {$type} slug specified. {$error_msg}" );
 			}
 		}
 
 		if ( ! empty( $assoc_args['dir'] ) ) {
 			$target_dir = $assoc_args['dir'];
 			if ( ! is_dir( $target_dir ) ) {
-				WP_CLI::error( "Invalid {$type} directory specified." );
+				WP_CLI::error( "Invalid {$type} directory specified. No such directory '{$target_dir}'." );
 			}
 			if ( empty( $slug ) ) {
 				$slug = Utils\basename( $target_dir );
@@ -788,22 +784,27 @@ private function scaffold_plugin_theme_tests( $args, $assoc_args, $type ) {
 		);
 	}
 
+	/**
+	 * Checks that the `$target_dir` is a child directory of the WP themes or plugins directory, depending on `$type`.
+	 *
+	 * @param string $type       "theme" or "plugin"
+	 * @param string $target_dir The theme/plugin directory to check.
+	 *
+	 * @return null|string Returns null on success, error message on error.
+	 */
 	private function check_target_directory( $type, $target_dir ) {
-		if ( realpath( $target_dir ) ) {
-			$target_dir = realpath( $target_dir );
-		}
-
-		$parent_dir = str_replace( '\\', '/', dirname( $target_dir ) );
+		$parent_dir = dirname( self::canonicalize_path( str_replace( '\\', '/', $target_dir ) ) );
 
-		if ( 'theme' === $type && str_replace( '\\', '/', WP_CONTENT_DIR . '/themes' ) === $parent_dir ) {
-			return true;
+		if ( 'theme' === $type && str_replace( '\\', '/', WP_CONTENT_DIR . '/themes' ) !== $parent_dir ) {
+			return sprintf( 'The target directory \'%1$s\' is not in \'%2$s\'.', $target_dir, WP_CONTENT_DIR . '/themes' );
 		}
 
-		if ( 'plugin' === $type && str_replace( '\\', '/', WP_PLUGIN_DIR ) === $parent_dir ) {
-			return true;
+		if ( 'plugin' === $type && str_replace( '\\', '/', WP_PLUGIN_DIR ) !== $parent_dir ) {
+			return sprintf( 'The target directory \'%1$s\' is not in \'%2$s\'.', $target_dir, WP_PLUGIN_DIR );
 		}
 
-		return false;
+		// Success.
+		return null;
 	}
 
 	protected function create_files( $files_and_contents, $force ) {
@@ -1004,4 +1005,35 @@ private static function get_template_path( $template ) {
 		return $template_path;
 	}
 
+	/*
+	 * Returns the canonicalized path, with dot and double dot segments resolved.
+	 *
+	 * Copied from Symfony\Component\DomCrawler\AbstractUriElement::canonicalizePath().
+	 * Implements RFC 3986, section 5.2.4.
+	 *
+	 * @param string $path The path to make canonical.
+	 *
+	 * @return string The canonicalized path.
+	 */
+	private static function canonicalize_path( $path ) {
+		if ( '' === $path || '/' === $path ) {
+			return $path;
+		}
+
+		if ( '.' === substr( $path, -1 ) ) {
+			$path .= '/';
+		}
+
+		$output = array();
+
+		foreach ( explode( '/', $path ) as $segment ) {
+			if ( '..' === $segment ) {
+				array_pop( $output );
+			} elseif ( '.' !== $segment ) {
+				$output[] = $segment;
+			}
+		}
+
+		return implode( '/', $output );
+	}
 }
